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ABSTRACT 


In this paper one method for analytically describing the 
life distribution of a system is investigated. This is 
done by using the inherent properties of convolutions and 
mixtures of life distributions to create an algebraic struc- 
ture. Once the algebraic structure is constructed it can be 
used to develop algorithms to go from the schematic of a 
system to its survival function. [It is noted along the way 
that many combinations of constant failure rate components, 
e.g., redundant, series, or parallel systems can be described 
by a mixture of convolutions and that often these expressions 


can be greatly simplified. 
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ieee GeoRALG PROPERTIES 


An algebraic structure has been derived for the combina- 
mroneGs lite distributions which describe the reliability 
of systems. Such a structure consists of a set of elements 
D),D5,---,D, combined by operations such as addition or 
multiplication. The set of elements in the algebraic struc- 
mute derived here is life distributions. Each life distri- 
bution is assumed to have a probability density function. 
An exception is the ZERO distribution defined later. The 
random variable associated with the distribution is time. 
pumice a life distribution can be fully described by its 
Survival function, that representation will often be used. 
The operations used in this algebraic structure will not be 
feette1on and multiplication but the operations of © and MIX. 
They are defined as follows: 

D, @D Pee COnVGLMeTOn ‘Or two life distributions . 


2 


fsang survival functions: 


ce 
2 Wy em aie J F,(t-s) £,(s)ds 


In words this says the probability that the system resulting 


ieee m D, SD, Vimeieouroivie Gl ll aime ty) 1s the probability that 


the component whose life distribution is D, will survive till 


Jk 
time t plus the probability that the component whose life 


@astribution is D. Woe besuryive from tlme s until t given 





that component one (whose life distribution is D,) lived 


1 
until time s and failed at that moment. It will be shown 
later that the probability the system created by the cocn- 
volution will survive till time t is the same regardless 
of whether Dy on8 D. is considered first. 

Mie seeieosmrningesor combination Of life distributions 


with a priori mixing probabilities. In terms of survival 


functions: 
MIX[{p,D,,p,D,] = Pp, F, (t) + poF.(t). 


This relation says the probability that the system result- 

mag £cOm MIX[p,D,,p5D,] will survive till time t is the 

sum of the probabilities that either component will survive 
till time t multiplied by their a priori mixing probabili- 
ties. These operations display certain algebraic properties 
such as commutativity, associativity, distributivity, and 

the presence of an identity. The following theorem summarizes 
these properties. The proof for the theorem is manipulative. 
The theorem is true more generally than for just independent 
and continuous distributions for nonnegative random variables, 


but only this case is snown here. 


Aeon: THE SET OF LIFE DISTRIBUTIONS D - 7D, FORM 


prPor-: 
A MONOID UNDER THE OPERATIONS OF ® AND MIX. 





Rook: 


(1) Commutativity 
— a 
(a) D, @D, => F(t) + ) Eléess) f(s) ds 
imemractythaten ic) = | = F(t) yields: 
te 
1 - J £, (s) Fa (t-s) ds 


Using the convolution property of integrals 


yields: 


1s 
ieee (ts) h2¢s) ds. 
0 a 2 


Now applying integration by parts we have: 


And if the previous steps are retraced: 


t 
oe ea ey | ECE S) =e 
0 


> (da) ds 
Welch HS che Survival £Lunction for the life 


Elser puticn D., 2 Ds - 





(b) MIX[p,D,,p,D,] => p, Fy (t) + ne) 


Applying the commutative property of normal addi- 
tion yields PoF,(t) + p, Fy (t) which is the 


SENN gee Aewlaveasolel smehe MIX{p,D,,p,D,]. 
(2) Associativity 


c 
(a) (D) @D,) ®D, > Fy,,(t) + - F,(t-s)f,,5(s)ds 


+ 


nee Wap Ge) = 1 eae a F,(t-s) £,(s)ds 


S 
(Sa = J £.(s-u) £, (u) du. 
0 


Making the substitutions and invoking the associa- 
tive property of convolution integrals yields: 
ce ie t-s 


+ J F ee _ PGs =a) 2 (>) 


x £. (u) duds. 


This integral equation reduces to: 


Se 
= 


Pe) y) Bee cos) £ (5) ds, 


Vise o ENOuSUrYy Vale fUnceiLon for the life 


Gastriaucion D. 6 (D 


l Cb): 


2 2 
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(5) MIX[{(p,D)-P,D,) -P3D,] = 
(p F(t) + p5F,(t)) + p5F,(t). 


Applying the associative property of normal 


addition yields: 
p, F(t) + (DoF, (t) - p3F,(t)) 


which is the survival function for 


MIX(p,D),(p5D,,P3D,) 1. 
me Distribueivity 


D, ® MIX(p,D,,p3D,] = 


c 
F(t) + e; (poF,(t-s) + p5F,(t-s)) f,(s)ds 


Letting Po + P3 = ieee sules. 17): 


te 
poF,(t) + p3F,(t) + ,! poF,(t-s) £, (s)ds 


S 
+ ee p3F.,(t-s) f, (s)ds 


which implies MIX[p,(D, ® D,),p,(D, ® D,)]. 


It is assumed in the MIX operation that the assigned a 


priori probabilities will sum to one. If the sum of the a 


id 





priori probabilities is less than one, then the life distri- 
bution resulting from the MIX operation will be an improper 
distribution, but this can be remedied by the use of the ZERO 
distribution. ZERO will act as an identity element for both 
® and MIX. By definition ZERO(t) = 0; this means the proba- 
bility of a component (with a ZERO life distribution) being 


alive at time t > 0 is Q. 


(4) Identity 
(i) Right identity 
1c 


® ZERO > F(t) + f ZERO(t-s)f,(s)ds 
0 


sail 
Tne peg tales F, (t) which is the survival 
HUNCE LON fOr Just D, - 
ieee re Ldaemel ty 
There is not a comparable form for showing 
ZERO to be a left identity, but by employing 


an extended commutative property first the 


needed result can be obtained. 
(b) MIX[p,D,),p,ZERO] = p,F, (t) + p.ZERO(t) 
This equals p, Fy (t) which implies p,D,. The 


left identity for MIX is obvious using the 


commutative property. 


a2 





This argument establishes all the properties necessary 
for the operations of ® and MIX to form a monoid over the 
set of continuous life distributions with ZERO adjoined. 
The next question would be to ask if this set of operations 
form a group. The answer 1s negative since there does not 
exist a unique inverse for each element in the set of life 
@ystributions. 

There is another property that could prove valuable in 
eee manipulation of life distributions. That property is 


the idempotence property for the MIX operation, i.e., 


MIX[p)D,p,D] => D 


It is a further observation that a mixture of mixtures is 


aemixture. 


3 





II. LIFE DISTRIBUTIONS AND BRANCHING DIAGRAMS 


The power of the previous algebraic properties can be 
most easily seen using exponential life distributions. As 
an example, the life distribution of a redundant system with 


failure rates of the primary and backup components of A, and 


Ab 
ho respectively, can be described as EXP{A, } ? EXP{A.}. 


EXP{A} is a convenient shorthand to describe an exponential 
Mere CIStErIOUCION with failure rate A. The survival function 
for the system will be the convolution of the survival func- 


tions for the two components. It is given by 


which simplifies to: 


+ 


This equation is symmetric in Ay and A nence the operation 


Pied 
is commutative. The form of this solution can be extended 


~O the nth case EXP{,.} 9® EXP{A.,} PaO EXP{\}. The survi- 


a 


we Function is: 





tt 
> 

It 

tt 
> 
ct 
Oe 
() 


In the case Ay = 5 3 ou A closed form of the 


SOvuUtLIOn 21S: 


tol 
>’ 
ct 
I 
> 
Gh 


If two exponentially lived components are connected in series, 
the life distribution of the system will be EXP{A, +A}, 


and the survival function 1S: 


= AN 


l >it 
= 


If two components are connected in parallel the life distri- 
bution of the system is: 


Ay 


® MIX[ 
Aqtr5 





EXP{A,+A EXP{A.} EXP{A,}1, 


: 2 

2 Ay tr, 
where the a priori mixing probabilities are the probabili- 
ties that EXPi\,} will fail before EXP{A,}, and EXP{).} os 


fail before EXP{A,}, respectively. The survival function 


for the parallel system is: 


Both the series and parallel system can be extended to the 


case of n components. 


1S 





These various simple systems can be connected to form 
more complex systems, but all can be analytically described 
by a mixture of convolutions. It will be necessary to adopt 
a convention to describe graphically the life distribution 
of these complex systems. This convention will be a branch- 
ing diagram as seen in Figure 2.1. 

Aa) 
= EXP{ fA.} 


Le | 
J j#1 


(a) a = 
EXP{)A3} Q FA EXPL Bh! : 


j=l 


eee os ZERO 


Braue cal. Branching Diagram 


At the base of the diagram will be (a), the probability 
Seseribucion for the survival of all the components. Branch- 
ing from the base are different paths that represent the 
mixture of the life distributions of the remaining components 
given that one or more of the original components has failed. 
Mio elate distribution at point (a) will be convolved with 
the mixture of the branches. Each of these branches 1s given 


an a priori probability of occurrence. Each of these paths 


10s) 





may again branch, giving rise to a new mixture which will be 
convolved with preceding life distribution. These branches 
will continue until the failure of any component will result 
in the failure of the complete system. When all the branches 
have been drawn out to completion, the sum of the products 

of the a priori probabilities along each branch must be one. 
It may be necessary to use the ZERO distribution, as described 
in Chapter I, to achieve this sum. A couple of examples 


femelle Clarify the point. 


Example 2a) 


Tne schematic: 





Mie convolution diagram: 






r 
1 ERO 
; 2 
Dp L ee ee times | 
EXP{A,+A,+A 4] 3 Seas EXP{A,+A4) 
Rae S. 
AS 
ae XP {A +A. } 
AytAstas al 2 
moe life distribution: 
Ay do AS 
ae te 71 x ts Uh a 
EXPLA, A5 Ags ® MIX SEae Fath TAPAS PAg LAS” es vs ick ey a 


Ly 





Example 2b) 


The schematic: 





mae CONVOlLUELION dlagram: 











AS) 
1 oo 
Toe a 3 
ie 1 
2 
ie ee } 
EXP{A, +A} 9 
Ay 
7 ar eukae Sar a 
TOE EXP 1A, tA5} se) 
i uae \ 
2 
ZERO 
A tA, 
jee life distribution: 
Ay My do 
EXP{), +) 5} @ MIX[,—= EXP, +) 5} ® MIX[ See ee (tA hl, 
x - ey ee 
AytAs 2 5 ee, 
do dy A 
OEP ty +) p) 8 MIX [EHP LA + ZERO] J 
A+ ho ho a dos haa 5 


Writing out these complete life distributions can be 
quite long and tedious, but by invoking the distributive 


and idempotent properties shown earlier, we can move each life 


18 





distribution from outside the MIX brackets to the inside, 
and express MIX of a MIX as a Single MIX. The life distribu- 


tion in the second example would become: 


2 Z 


So 42 
MIX (— EXEL. +A} @ EXP{A-+A.1), 
5 1 ie 
(A, +A.) 


2h, A, 


s(EXP{A, +A,} © EXP{A, +A} @ EXP{A\, +A,})] 
eee ee) 
sei? 
By using the above algorithm to express the life distri- 
bution of a complex system, we have proven the following 


theorem: 


SeeOreM: THE EIiFE DISTRIBUTION OF ANY SYSTEM WHICH CAN BE 
REPRESENTED BY A BRANCHING DIAGRAM WITH EXPONENTIAL LIFE 
DISTRIBUTIONS ALONG THE BRANCHES CAN BE EXPRESSED AS A 


mexrwrR: OF CONVOLUTIONS OF EXPONENTIAL LIFE DISTRIBUTIONS. 


By further applying the algebraic properties some very 
Simple expressions can be derived from some very complex 
ones. A good example of one such identity is: 


X 


i 
l 2 
ZERO ,————EXP{i\A.}] => BKPI{)A. } 
A, +A5 A tA, il IL 


EXP{A,+A } ® MIX[ 





2 
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Ill. THE CORRESPONDENCE BETWEEN BRANCHING 
DIAGRAMS AND FAULT TREES 

In the preceeding chapter the notion of a branching 
diagram was introduced. We can also graphically display 
complex systems and the effect of the failure of some com- 
ponents on the whole system by the method of fault trees. 
The class of systems which can be represented by fault trees 
and the class of systems which can be represented by branch- 
ing diagrams are not identical. There exist systems which 
can be represented by branching diagrams which cannot be 
represented by fault trees. An example of such consists of 
systems involving standby redundancy. In this chapter it 
will be shown that, given a system that can be represented 
by a fault tree, the length of the paths of the branching 
diagram can be determined by the minimum cut sets from the 
fault tree. It 1S assumed that the components fail indepen- 
dently of each other and the life distribution of those 
components are exponential. 

The fault tree provides a convenient and efficient 
format helpful in the computation of the probability of 
system success or failure. The fault tree consists of boxes 
representing basic events, AND gates, and OR gates. The top 
box in the tree will represent system failure. If the top 
box had represented system success the fault tree would have 


become an event tree. Immediately below the top event will 


20 





be a gate with lines leading to the next level of events. 
If the gate is an AND gate, marked with a -, then all the 
events on the next level must occur to cause the top event 
to occur. If the gate is an OR gate, marked by a +, then 
the occurrence of any of the events of the next level will 
cause the top event to occur. The tree will continue to 
grow until all possible events have been considered. Once 
the tree has been drawn it is an easy chore to write down 
the minimum cuts. A minimum cut is defined to be a minimum 
set necessary for the top event to occur. The algorithm 
Pome incaesuciy Cuts 15s taken) from Barlow and Proschan’s Sta- 


mEyercat Tneery or Relvability and Lite Testing [Ref. 1: 
p. 256]. The algorithm begins with the gate immediately below 


the top event. If the gate is an OR gate, each input is used 
aS an entry in separate rows of a list matrix. If this gate 
a < 
| 
| 4 | 
! | 
| eae 
eS 


fiCtaewo.i. Schematic for EXample 3a 


Pail: 





is an AND gate, each input is used as an entry in the first 
row of a list matrix. If one of these inputs is another 
gate, then the inputs to that gate are listed in the same 
Or separate rows of the list matrix according to the nature 
of the gate. Multiple entries in the rows of the list 
matrix are the result of AND gates. A row with entry a,b 
implies that this minimum cut will occur if both components 
a and b fail. Once the list contains all components and 

no gates then the minimum cuts can be read across each row. 


Example 3a is given to clarify this point. 


Example 3a) Given the schematic in Figure 3.1 it is obvious 
that the system will fail if either component one or all the 
Sener COMpOmRencs in the parallel structure fail. The first 
gate in the fault tree is an OR gate and is shown in Figure 


Bec. 





OYSTEM FAILURE) MINIMUM CUT 


@) Gil 


Figure 3.2. First Level of the Fault Tree 


The minimum cut representation is listed beside the fault 


tree. Because the gate was an OR gate the inputs were listed 


as separate rows of a list matrix. The next level is an AND 


ae 





Gaeerand 2eS anpurs are two more gates as seen in Figure 3.3. 
The AND gate causes the inputs to be listed in the same row 
of the list matrix. The complete fault tree and its corres- 


ponding minimum cuts are given in Figure 3.4. 


SYSTEM FAILURE MINIMUM CUT 
— : 
(1) 62,63 


eee seem 


rez] 


Figumuess. 3. Seceomd Level of the Fault Tree 


| SYSTEM FAILURE | MINIMUM CUT 
(*) 
——- L—___, 1 
C1) 2,3,4,5 


C) 


ace 
re 
2) O® © 


Figure 3.4. The Complete Fault Tree and 
Its Minimum Cut Representation 
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FOr a system such as that of Hxample 3a an algorithm can 
also be developed to find the resulting exponential survival 
function once all minimum cuts have been found. Step one is 
to find the survival function for each row. This step is 
relatively easy since the union of the events in each row 
will yield the proper exponents for the exponential functions. 
For the second row of the list matrix in Example 3a this 


would be: 


2,3,4,5 = (2) + (3) + (4) + (5) - (€24+3) - (2+4) - (245) 
- (3+4) - (3+5) - (4+5) + (24+34+4) + (2+3+5) 
+ (34+44+5) + (2+44+5) - (24+3+4+5) 


Now insert the respective failure rates and the quantities 

in parenthesis times -t are the exponents for the exponen- 
meals in the survival function. The sign in front of the 
parenthesis is also the sign of the exponential. The survival 
function for the second row would be: 

: — se ez . ai fe . Pees eu i ie te a 


(-\ .4A 4A tA -J) t 
ote Newciteeniaiee etal as 


Step two is to take the product of the exponential survival 


functions of the rows. For the above example: 
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re —~(A.+A.4+A,4¢A-) t 
)(e +e +e +e +e +...+e 434 55 ) 


3) 


ae eA +r +} tr) t 
= e +e +e + ... +e 


2 3 4 


This expression represents the complete survival function 
for the system in Example 3a. 

There exists an isomorphism between the paths of the 
branching diagram and all possible sequences of failures of 
components in the fault tree. The bottom level of the fault 
tree corresponds with the base of the branching diagram, all 
components are functioning at the start of the system. The 
failure of any component or components will cause branching 
in the branching diagram and gates to be affected in the 
fault tree. There is exactly the same number of initial 
branches as components in the fault tree. If the failure of 
a component caused system failure in the fault tree its 
respective branch in the branching diagram will end ina 
ZERO distribution. If the component failure did not cause 
System failure then the distribution of time to next failure 
among the remaining components will be at the end of the 
branch respective to the component that failed. Once again 
there is a one to one correspondence between components re- 
maining in the fault tree and branches of the branching 
Mmagbam di tENat COlnt. This process will account for all 


possible permutations of events leading to system failure. 
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The branching diagram for the system in Example 3a is 
Given gn rigure 325. Due to the size of the branching 
diagram, only a few of the branches of the diagram are drawn 
out to completion. If drawn out completely there would be 
65 possible paths through the branching diagram. This is 
the same as the number of possible sequences of failures in 
the fault tree. Not coincidently this is the same number of 
possible permutations and combinations of the two minimum 
cuts summed together. 

For a coherent system with n components there are n! 
possible paths through the branching diagram if the only 
minimum cut set is the set of all components. If the mini- 
mum cut sets are proper subsets of the set of all components 
a path of the branching diagram will end in a ZERO distribu- 
tion once the set of failed components corresponding to that 
path contains a minimum cut set. That is, a system will 
remain up and paths will continue to branch on component 
failure until the set of components along a path contains 
one of the minimum cut sets found by the fault tree algorithm. 
The probability of the occurrence of the minimum cut set or 
any particular sequence of failures is the product of the 
a priori probabilities of the corresponding path in the 


beanching diagram. 
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